Documentation ¶
Overview ¶
Package signing implements consistent signing and verifying protobuf messages.
Index ¶
- Variables
- func Disabled() bool
- func EncodeExitCompleted(ctx context.Context, exitCompleted *pb.ExitCompleted) (_ []byte, err error)
- func EncodeExitFailed(ctx context.Context, exitFailed *pb.ExitFailed) (_ []byte, err error)
- func EncodeOrder(ctx context.Context, order *pb.Order) (_ []byte, err error)
- func EncodeOrderLimit(ctx context.Context, limit *pb.OrderLimit) (_ []byte, err error)
- func EncodePieceHash(ctx context.Context, hash *pb.PieceHash) (_ []byte, err error)
- func SignExitCompleted(ctx context.Context, signer Signer, unsigned *pb.ExitCompleted) (_ *pb.ExitCompleted, err error)
- func SignExitFailed(ctx context.Context, signer Signer, unsigned *pb.ExitFailed) (_ *pb.ExitFailed, err error)
- func SignOrderLimit(ctx context.Context, satellite Signer, unsigned *pb.OrderLimit) (_ *pb.OrderLimit, err error)
- func SignPieceHash(ctx context.Context, signer Signer, unsigned *pb.PieceHash) (_ *pb.PieceHash, err error)
- func SignUplinkOrder(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned *pb.Order) (_ *pb.Order, err error)
- func SignUplinkPieceHash(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned *pb.PieceHash) (_ *pb.PieceHash, err error)
- func VerifyExitCompleted(ctx context.Context, satellite Signee, signed *pb.ExitCompleted) (err error)
- func VerifyExitFailed(ctx context.Context, satellite Signee, signed *pb.ExitFailed) (err error)
- func VerifyOrderLimitSignature(ctx context.Context, satellite Signee, signed *pb.OrderLimit) (err error)
- func VerifyOrderSignature(ctx context.Context, uplink Signee, signed *pb.Order) (err error)
- func VerifyPieceHashSignature(ctx context.Context, signee Signee, signed *pb.PieceHash) (err error)
- func VerifyUplinkOrderSignature(ctx context.Context, publicKey storj.PiecePublicKey, signed *pb.Order) (err error)
- func VerifyUplinkPieceHashSignature(ctx context.Context, publicKey storj.PiecePublicKey, signed *pb.PieceHash) (err error)
- type PrivateKey
- func (private *PrivateKey) HashAndSign(ctx context.Context, data []byte) (_ []byte, err error)
- func (private *PrivateKey) HashAndVerifySignature(ctx context.Context, data, signature []byte) (err error)
- func (private *PrivateKey) ID() storj.NodeID
- func (private *PrivateKey) SignHMACSHA256(ctx context.Context, data []byte) (_ []byte, err error)
- func (private *PrivateKey) VerifyHMACSHA256(ctx context.Context, data, signature []byte) (err error)
- type PublicKey
- type Signee
- type Signer
Constants ¶
This section is empty.
Variables ¶
var Error = errs.Class("signing")
Error is the default error class for signing package.
Functions ¶
func Disabled ¶
func Disabled() bool
Disabled returns true if signatures are disabled. If disabled, signatures are set to "DISABLED-SIGNATURE" and are ignored during verification.
func EncodeExitCompleted ¶
func EncodeExitCompleted(ctx context.Context, exitCompleted *pb.ExitCompleted) (_ []byte, err error)
EncodeExitCompleted encodes ExitCompleted into bytes for signing.
func EncodeExitFailed ¶
EncodeExitFailed encodes ExitFailed into bytes for signing.
func EncodeOrder ¶
EncodeOrder encodes order into bytes for signing. Removes signature from serialized order.
func EncodeOrderLimit ¶
EncodeOrderLimit encodes order limit into bytes for signing. Removes signature from serialized limit.
func EncodePieceHash ¶
EncodePieceHash encodes piece hash into bytes for signing. Removes signature from serialized hash.
func SignExitCompleted ¶
func SignExitCompleted(ctx context.Context, signer Signer, unsigned *pb.ExitCompleted) (_ *pb.ExitCompleted, err error)
SignExitCompleted signs the ExitCompleted using the specified signer. Signer is a satellite.
func SignExitFailed ¶
func SignExitFailed(ctx context.Context, signer Signer, unsigned *pb.ExitFailed) (_ *pb.ExitFailed, err error)
SignExitFailed signs the ExitFailed using the specified signer. Signer is a satellite.
func SignOrderLimit ¶
func SignOrderLimit(ctx context.Context, satellite Signer, unsigned *pb.OrderLimit) (_ *pb.OrderLimit, err error)
SignOrderLimit signs the order limit using the specified signer. Signer is a satellite.
func SignPieceHash ¶
func SignPieceHash(ctx context.Context, signer Signer, unsigned *pb.PieceHash) (_ *pb.PieceHash, err error)
SignPieceHash signs the piece hash using the specified signer. Signer is either uplink or storage node.
func SignUplinkOrder ¶
func SignUplinkOrder(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned *pb.Order) (_ *pb.Order, err error)
SignUplinkOrder signs the order using the specified signer. Signer is an uplink.
func SignUplinkPieceHash ¶
func SignUplinkPieceHash(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned *pb.PieceHash) (_ *pb.PieceHash, err error)
SignUplinkPieceHash signs the piece hash using the specified signer. Signer is either uplink or storage node.
func VerifyExitCompleted ¶
func VerifyExitCompleted(ctx context.Context, satellite Signee, signed *pb.ExitCompleted) (err error)
VerifyExitCompleted verifies that the signature inside ExitCompleted belongs to the satellite.
func VerifyExitFailed ¶
VerifyExitFailed verifies that the signature inside ExitFailed belongs to the satellite.
func VerifyOrderLimitSignature ¶
func VerifyOrderLimitSignature(ctx context.Context, satellite Signee, signed *pb.OrderLimit) (err error)
VerifyOrderLimitSignature verifies that the signature inside order limit is valid and belongs to the satellite.
func VerifyOrderSignature ¶
VerifyOrderSignature verifies that the signature inside order is valid and belongs to the uplink.
func VerifyPieceHashSignature ¶
VerifyPieceHashSignature verifies that the signature inside piece hash is valid and belongs to the signer, which is either uplink or storage node.
func VerifyUplinkOrderSignature ¶
func VerifyUplinkOrderSignature(ctx context.Context, publicKey storj.PiecePublicKey, signed *pb.Order) (err error)
VerifyUplinkOrderSignature verifies that the signature inside order is valid and belongs to the uplink.
func VerifyUplinkPieceHashSignature ¶
func VerifyUplinkPieceHashSignature(ctx context.Context, publicKey storj.PiecePublicKey, signed *pb.PieceHash) (err error)
VerifyUplinkPieceHashSignature verifies that the signature inside piece hash is valid and belongs to the signer, which is either uplink or storage node.
Types ¶
type PrivateKey ¶
type PrivateKey struct { Self storj.NodeID Key crypto.PrivateKey }
PrivateKey implements a signer and signee using a crypto.PrivateKey.
func (*PrivateKey) HashAndSign ¶
HashAndSign hashes the data and signs with the used key.
func (*PrivateKey) HashAndVerifySignature ¶
func (private *PrivateKey) HashAndVerifySignature(ctx context.Context, data, signature []byte) (err error)
HashAndVerifySignature hashes the data and verifies that the signature belongs to the PrivateKey.
func (*PrivateKey) ID ¶
func (private *PrivateKey) ID() storj.NodeID
ID returns node id associated with PrivateKey.
func (*PrivateKey) SignHMACSHA256 ¶
SignHMACSHA256 signs the given data with HMAC-SHA256 using the key as the secret.
func (*PrivateKey) VerifyHMACSHA256 ¶
func (private *PrivateKey) VerifyHMACSHA256(ctx context.Context, data, signature []byte) (err error)
VerifyHMACSHA256 checks that signature matches the HMAC-SHA256 of data using the key as the secret.
type PublicKey ¶
PublicKey implements a signee using crypto.PublicKey.
type Signee ¶
type Signee interface { ID() storj.NodeID HashAndVerifySignature(ctx context.Context, data, signature []byte) error }
Signee is able to verify that the data signature belongs to the signee.
func SigneeFromPeerIdentity ¶
func SigneeFromPeerIdentity(identity *identity.PeerIdentity) Signee
SigneeFromPeerIdentity returns signee based on peer identity.
type Signer ¶
type Signer interface { ID() storj.NodeID HashAndSign(ctx context.Context, data []byte) ([]byte, error) HashAndVerifySignature(ctx context.Context, data, signature []byte) error SignHMACSHA256(ctx context.Context, data []byte) ([]byte, error) VerifyHMACSHA256(ctx context.Context, data, signature []byte) error }
Signer is able to sign data and verify own signature belongs.
func SignerFromFullIdentity ¶
func SignerFromFullIdentity(identity *identity.FullIdentity) Signer
SignerFromFullIdentity returns signer based on full identity.